Coverity feasts on software bugs

Automobile companies usually aren’t thought of as being in the software business. But General Motors recalled 47,401 Cadillac SRX models this year because of an airbag software bug, while Nissan Motor Co. had to bring back 5,300 Leafs to fix a software glitch that prevented some cars from starting.

Spotting such problems before they expensively emerge has proved to be a rich vein for Coverity Inc. It is helping large companies like Bayer, Boston Scientific, Chicago Trading Co., Lenovo, Level 3 Communications, Lockheed Martin, Medtronic, Mitsubishi Electric, NEC, Raytheon, Siemens, Yahoo and unnamed auto manufacturers search early on for errors in the billions of lines of computer code they use as they bring new offerings to market — often code supplied by outside vendors.

The San Francisco company, founded in 2002, recently closed out its fiscal year with nearly $50 million in revenue, up 27 percent over the prior year. It claims 1,100 customers from industries as diverse as financial services, automotive and transportation, aerospace and defense, telecommunications, software, electronics, and medical devices.

“Our outlook is over the next several years we should be able to harness this kind of growth — 25 to 35 percent,” said Coverity CEO Anthony Bettencourt, who took the job a year ago after holding multiple positions at Autonomy Inc., including CEO.

Coverity became cash flow positive last year and, after cutting 14 percent of staff during the economic downturn of 2009, has been expanding headcount significantly, adding 57 people over the last 13 months to hit a total of 210 employees.

Bettencourt expects to add another 30 people over the coming 11 months, and as a result, Coverity just nearly doubled the space it leases at 185 Berry St. to 53,000 square feet, although a good chunk of that will be sublet for the near future until Coverity needs it.

Outside analysts agree that the prospects are bright for the software development testing market Coverity inhabits.

VDC Research early this year named Coverity as the leader for static analysis and embedded systems and software testing, with a 30 percent market share, more than double its leading rival. Competitors include Klocwork and GrammaTech, although Coverity has a broader offering than “many of its competitors,” said VDC Vice President Chris Rommel.

“More and more, embedded and mobile devices are having their value defined not by hardware components, but by software functionality,” Rommel said. “We believe that the embedded market will continue to present Coverity and other static analysis tool vendors with significant opportunities for growth going forward.”

Changes in computer code can have unanticipated negative consequences leading to product delays, recalls, brand damage and lawsuits.

The implications of such failures increasingly lead directly to the C-suite, said Lanowitz, citing shareholder pressure last summer on Sony Corp. CEO Howard Stringer to resign following a costly software security failure on the PlayStation gaming network, said Theresa Lanowitz, founder of the analyst firm Voke Inc. Sony subsequently named a new chairman and president, Kaz Hirai.

“These executives really have to take responsibility and accountability for the software that’s running their companies,” Lanowitz said.